One of the challenges associated with protecting sensitive data is differentiating between data that is transmitted as a normal and expected part of user activities and data that is transmitted without the knowledge of the user. Some of the factors that have increased the magnitude of this challenge include cloud computing and social networking. Sensitive data may often be transmitted between clients and servers in cloud computing environments. In addition, significant amounts of personal information and other sensitive data may be transmitted from social networking clients on user's devices to social networking systems.
To a certain extent, transmission of sensitive data takes place with the knowledge and approval of users. A user may know that the address book on their mobile phone is being backed up to a cloud database because they authorized the backup. They may also be aware that the social networking program on their smartphone may transmit their current location when they update their status. All of this expected transmission of sensitive data makes it that much more difficult to determine when sensitive data is being transmitted unexpectedly. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for determining whether transmission of sensitive data is expected.